<?php

$file_handle = fopen("conf.txt", "r");
        $line = split(":",fgets($file_handle));

        $hostname= $line[0];
        $db_user= $line[1];
        $db_pass= $line[2];
        $db_name= chop($line[3]);

        fclose($file_handle);
        
       $con = mysql_connect($hostname,$db_user,$db_pass);
       
        if (!$con)
        {
            die('Could not connect: ' . mysql_error());
        }
        date_default_timezone_set('UTC');
        mysql_select_db($db_name, $con);

if ( $_POST['oper'] == 'add'){
    
        $nombre = $_POST['nombre'];
        $parametros = $_POST['parametros'];
        $autor = $_POST['autor'];
        $txt = $_POST['comentario'];
        
        $sql="INSERT INTO informe(nombre, parametros, autor, comentario)VALUES('$nombre','$parametros','$autor','$txt');";
        $result=mysql_query($sql);
        
        
        if($result){
            $filename = "grafico".mysql_insert_id();
            //echo $filename;
            $encodeData = $_POST['imagen'];
            $encodeData = substr($encodeData, strpos($encodeData, ',') + 1); //strip the URL of its headers
            $encodeData = str_replace(' ','+',$encodeData);
            $decodeData = base64_decode($encodeData);

            $handle = fopen("graficos/".$filename.'.png', 'w+');
            fwrite($handle, $decodeData);
            fclose($handle);
        }

        /*else {
        echo "ERROR";
        }
        */
        

}
elseif ( $_POST['oper'] == 'del'){
        
        $id = $_POST['id'];
        
        $sql = 'DELETE FROM informe WHERE id="'.$id.'"';
        
        $result=mysql_query($sql);
        unlink('graficos/grafico'.$id.".png");
        
        
}
elseif ($_POST['oper'] == 'edit') {
        
        $id = $_POST['id'];
        $nombre = $_POST['name'];
        $comment = $_POST['comment'];
        
        $sql = 'UPDATE informe SET nombre="'.$nombre.'", comentario="'.$comment.'" WHERE id="'.$id.'"';
        
        $result=mysql_query($sql);
}

mysql_close($con);

?>
